← voltar
CVE-2018-2366

CVE-2018-2366

CVSS 4.3 MEDIUMEPSS 1.6%
SAP Business Process Automation (BPA) By Redwood, 9.0, 9.1, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing 'traverse to parent directory' are passed through to the file APIs.
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Produtos afetados
SAP SE · SAP Business Process Automation (BPA) By Redwood

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://blogs.sap.com/2018/03/13/sap-security-patch-day-march-2018/https://launchpad.support.sap.com/#/notes/2555667http://www.securityfocus.com/bid/103371